CSIS Panel
Thursday, January 17, 2019
Federal agencies can improve cybersecurity by focusing more on best practices for protecting the data and devices used to access and share information.

Last month, I joined a panel discussion of cybersecurity leaders at an event hosted by the Center for Strategic and International Studies (CSIS). The panel, which followed an opening plenary address from Federal CIO Suzette Kent, assessed effective approaches to cybersecurity protection for endpoint devices used by Federal agencies; the panel discussion was moderated by William Carter at CSIS, and also included Ryan Gillis (Vice President, Cybersecurity Strategy and Global Policy, Palo Alto Networks) and Todd Gustafson, President & Head of US Public Sector, HP Federal.

The discussion, which is highlighted in the video to the right, keyed off a recent CSIS report Extending Federal Cybersecurity to the Endpoint (https://www.csis.org/analysis/extending-federal-cybersecurity-endpoint).  As CSIS noted in framing the issue:  "While cybersecurity awareness in the federal government has improved, along with efforts to provide more secure architectures and managed security services for federal networks, these efforts are focused on systemic risks and vulnerabilities in core infrastructures. Few extend to the millions of endpoint devices connected to these systems."

The panel discussed a number of topics related to endpoint security in the government, including:

  • how federal agencies can adopt flexible, user-centered approaches for fedeTral agencies in managing security risks, vulnerabilities, threats, and incidents;
  • how the federal government should address cyber risk management for the rising number of consumer and other endpoint devices connected to federal systems;
  • how government can use procurement incentives to promote industry innovation and inclusion of security in developing device-based solutions for government; and
  • how to educate and involve users in protecting the integrity and confidentiality of data that they access through endpoint devices.

Some speaker photos from this interesting event appear below. (From l to r: Suzette Kent, Federal Chief Information Officer, OMB; Dan Chenok, Executive Director, IBM Center for The Business of Government; and William A. Carter, Deputy Director and Fellow, Technology Policy Program)